We should all have something to hide – The Tribune4 minutes read

News reports have indicated that the government is proposing draft amendments to the IT Act, making it mandatory for online platforms to detect and trace “unlawful content” as well as facilitate the breaking of end-to-end encryption. If the historical precedents to such legislations are to be considered, then they point towards the deeper anxieties of a nation state which force it to distrust its own citizens.

In 1998, Russia approached the UN’s committee on disarmament and international security, proposing a resolution to officially recognise the term “information security” instead of the popularly cited “cyber security”.

While the draft was rejected, it did set a template for how the UN would pursue international norms on cyber warfare.

Information war

Countries like Russia and China believe that information itself is a weapon — an institutional view cultivated over the last many decades of authoritarian rule. For them, the information war is to be waged both domestically and abroad.
They do not see any demarcation between foreign aggression and internal unrest: both aim at upending their prevalent cultural and belief systems. The Arab Spring — which bred on social media and ended up toppling many dictators — only confirmed their suspicions.

In fact, the 2016 Doctrine of Information Security is treated as a foundational document of the Russian Federation, clearly spelling out its national security imperatives in the digital era. China, on the other hand, has created symbiotic and indistinguishable structures to fight this two-faced war: domestic censorship and outwardly cyber aggression.

As a direct result of this worldview, Russia deems “hostile content” as the biggest threat to state sovereignty. It even had a clever ploy to connect censorship with “counter-terrorism” in the 1998 draft resolution.

So, the broad strokes of the Indian Government, as to what “unlawful content” implies, should sound an alarm.

Underlining the intensity of the civilisational clash which the internet has sparked, Russia’s UN resolution ended up dividing global cyber regulators into two power blocs: one believing in “free, open and multi-stakeholder internet” and the other in “cyber sovereignty.”

India’s positioning

India’s international positioning has been schizoid and wobbly. Alexander Klimburg, director of the Global Commission on the Stability of Cyberspace, labels it as a “swing state.”

All roads of data sovereignty lead to a dystopia. There is no turning back for the government once it embarks on that.

And even the barest of efforts to establish control or censorship under the pretence of localisation or law would undermine civil liberties. They comply with Harvard Business School professor Shoshana Zuboff’s third law: “Every digital application that can be used for surveillance and control will be used for surveillance and control.”

Undeniably so, the internet manifests from one belief system and isolates others. Wherever it went, the internet sparked a contest between subjectivity and objectivity, perception and reality, and belief and rationality. It served as an extension of liberal ethos, rubbing itself against the status quo and conservative social mores. It even fostered subcultures and appropriated the mainstream.

This widened digital gulf not only affects global security, but also the way societies think. James Lewis of the Centre for Strategic and International Studies adds: “Cyber effects will be produced by the manipulation of software, data, knowledge, and opinion. The objective is not kinetic but cognitive effect, the manipulation of information to change thoughts and behaviours.”

How govts treat encryption

Encryption squarely falls under that category. Governments have had a love-hate relationship with it. The US went to the extent of treating encryption algorithms as munitions, restricting them under export control. It also embarked on a decades-long effort to undermine and backdoor commercial encryption technologies, which are the cornerstone of web security.

But American cypherpunk activists saw encryption as the very mantle of civil liberties, leading to the release of many free security software.

Again, the debate here stems from an inherent distrust between the state and the citizenry. Many proponents of transparency believe that if you are a law-abiding citizen, you should have nothing to fear.

Moxie Marlinspike is the pioneer of end-to-end encryption. His secure messaging app Signal has saved the lives of many a dissident. He insists that “we should all have something to hide.” He believes that the biggest downside of the state’s desire to control information is that we end up living in an existing social structure which only creates a specific set of desires and motivations. Pre-emptive surveillance would make sure that movements which may now be at the margins of society would never even end up on the centre-stage or gain legitimacy. It would first impact the most vulnerable of sections.

The disheartening aspect of the Indian Government’s proposal is that there was not even an effort to hear or accommodate contrarian views. Needless to say, a balance has to be struck between privacy and security — but that cannot happen if both sides wallow within their own echo chambers.

Cyber geo-strategy does not exist as a formal discipline in India. This blog takes a shot at it.

It also curates Pukhraj's publications on cybersecurity spanning a decade. His bylines have appeared in The Indian Express, The Tribune, Deccan Herald, The Print, Huffington Post, BW BusinessWorld, The Quint, and Seminar.

Pukhraj was also recognised as a social activist while running Abroo, a now-defunct sociopolitical initiative for the Dalits of Punjab.